Stuxnet, one of the most sophisticated known pieces of malware, was deployed to attack Iranian nuclear centrifuges. It is believed to have been carried on an infected USB stick.

The virus infected the internal network of computers running Windows, and attacked Siemens industrial control software in order to over-ride the system.

Andrew Tierney, consultant at cybersecurity firm Pen Test Partners, said the use of infected USB sticks to target households was very rare.

"However, it's still a common form of attacking businesses, where the gains are much greater," he said.

"Most cybercriminals are looking for volume, so it's much easier to get hold of people's information by phishing. It's unclear whether the devices were sent in the post, but putting a USB stick in someone's letterbox by visiting the property and potentially getting your fingerprints on them creates a much greater risk of getting caught."

The University of Illinois conducted an experiment earlier this year, dropping 297 USB drives around its campus. Had the sticks been infected, the attack would have had an estimated success rate of between 45% and 98%, the study found.

"You'd be surprised at how many people would fall for plugging an unknown USB stick into their computer. Some users may become distrustful at the stage only when the software asks them to download a program, but Word files can still be harmful," said Mr Tierney.